diff --git a/support/nginx/peertube b/support/nginx/peertube index e94eac5e8..bde0b18e8 100644 --- a/support/nginx/peertube +++ b/support/nginx/peertube @@ -38,6 +38,7 @@ server { # resolver_timeout 5s; add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; + add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; @@ -103,6 +104,11 @@ server { alias /var/www/peertube/storage/videos; } + # Allow embeds + location /videos/embed { + proxy_hide_header X-Frame-Options; + } + # Websocket tracker location /tracker/socket { # Peers send a message to the tracker every 15 minutes